Tag Archives: fundamental rights

This collection of quotes from relevant case-law has been compiled with the purpose of being useful to all those working with EU data protection law. The majority of the selected findings are part of a “Countdown to the GDPR” I conducted on social media, one month before the Regulation became applicable, under #KnowYourCaseLaw. This exercise was prompted by a couple of reasons.

First, data protection in the EU is much older and wider than the General Data Protection Regulation (GDPR) and it has already invited the highest Courts in Europe to weigh in on the protection of this right. Knowing what those Courts have said is essential.

Data protection law in the EU is not only a matter of pure EU law, but also a matter of protecting human rights following the legal framework of the Council of Europe (starting with Article 8 of the European Convention on Human Rights – ‘ECHR’). The interplay between these two legal regimes is very important, given the fact that the EU recognizes fundamental rights protected by the ECHR as general principles of EU law – see Article 6(3) TEU.

Finally, knowing relevant case-law makes the difference between a good privacy professional and a great one.

This is a collection of specific findings of the Court of Justice of the EU (CJEU), the European Court of Human Rights (ECtHR) and one bonus finding of the German Constitutional Court. There are certainly other interesting findings that have not been included here (how about an “Encyclopedia of interesting findings” for the next project?). The ones that have been included provide insight into specific issues, such as the definition of personal data, what constitutes data related to health, what does freely consent mean or what type of interference with fundamental rights is profiling. Readers will even find a quote from a concurring opinion of an ECtHR judge that is prescient, to say the least.

The mandate of Peter Hustinx as European Data Protection Supervisor will end on January 16. Mr. Hustinx will thus finish his second five year term as EDPS, leaving behind a strong legacy. The question is: who will further take care of this legacy?

In a letter sent to EU officials and published on January 7, Mr. Hustinx expresses “serious concerns about the procedure for the selection and appointment of a new European Data Protection Supervisor and Assistant Supervisor”, because “at this stage, it is highly unlikely that the appointment of a new Supervisor and Assistant Supervisor will take place either before or shortly after this date (January 16)”.

According to Article 42(1) of Regulation 45/2001, “The European Parliament and the Council shall appoint by common accord the European Data Protection Supervisor for a term of five years, on the basis of a list drawn up by the Commission following a public call for candidates“.

Article 42(2) of the Regulation states that “The European Data Protection Supervisor shall be chosen from persons whose independence is beyond doubt and who are acknowledged as having the experience and skills required to perform the duties of European Data Protection Supervisor, for example because they belong or have belonged to the supervisory authorities referred to in Article 28 of Directive 95/46/EC“.

According to Pcworld.com, although the call for candidates went out last year, Commission spokesman Antony Gravili said that “the selection panel concluded that none of the candidates had the qualities that are needed for the job.”

Mr. Hustinx considers that this fact “opens the perspective of a period of uncertainty as to when the new team of Supervisors will be appointed”.

He continues with the view that “This uncertainty and the possibly long delays that may be involved, as well as their different consequences, are likely to harm the effectiveness and the authority of the EDPS over the coming months. The EU is presently in a critical period for the fundamental rights of privacy and data protection, and a strong mandate is required to provide the authority to ensure that these fundamental rights are fully taken into account at EU level. In this respect, I would recall that the operation of a fully effective independent control authority is an essential feature of that right, as set out in Article 8 of the Charter and Article 16 of the Treaty”.

In this context, Mr. Hustinx sent the letter to Mr. Maros Sefcovic, vice-president of the European Commission, Mr. Juan Fernando Aguilar, Chairman of the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs and to Ambassador Theodors N. Sotiropoulos, Permanent Representative of Greece (as Greece recently took over the 6 months presidency of the European Council), asking them “to take all the steps necessary to ensure that a new Supervisor and Assistant Supervisor will be appointed as soon as possible”.

See also

IAPP’s Angelique Carson published an informative piece about Mr. Hustinx’s legacy in December on privacyassociation.org, which I invite you to read HERE.

Wordpress.com uses cookies on this blog. I've limited them as much as customization allows me & I have no access to or control over the personal data they collect. Consent will be recorded after you click the button, and not just by mere scrolling. The widget doesn't provide an "I refuse" button & I'm writing to Wordpress to fix this. In the meantime, see their
Cookie Policy